Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2022-43681

Опубликовано: 03 мая 2023
Источник: redhat
CVSS3: 6.5

Описание

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

An out-of-bounds read flaw exists in the BGP daemon of FRRouting. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads out of the bounds of the packet, throwing a SIGABRT signal and exiting. This issue results in a bgpd daemon restart, causing a denial of service.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 8frrNot affected
Red Hat Enterprise Linux 9frrFixedRHSA-2023:643407.11.2023

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=2196088frr: out-of-bounds read exists in the BGP daemon of FRRouting

6.5 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2022-43681

CVSS3: 6.5
ubuntu
около 2 лет назад

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

nvd логотип

CVE-2022-43681

CVSS3: 6.5
nvd
около 2 лет назад

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

debian логотип

CVE-2022-43681

CVSS3: 6.5
debian
около 2 лет назад

An out-of-bounds read exists in the BGP daemon of FRRouting FRR throug ...

github логотип

GHSA-x7mf-v6gh-vm4g

CVSS3: 7.5
github
около 2 лет назад

An out-of-bounds read exists in the BGP daemon of FRRouting FRR through 8.4. When sending a malformed BGP OPEN message that ends with the option length octet (or the option length word, in case of an extended OPEN message), the FRR code reads of out of the bounds of the packet, throwing a SIGABRT signal and exiting. This results in a bgpd daemon restart, causing a Denial-of-Service condition.

fstec логотип

BDU:2023-02673

CVSS3: 7.5
fstec
больше 2 лет назад

Уязвимость демона bgpd программного средства реализации сетевой маршрутизации на Unix-подобных системах FRRouting, позволяющая нарушителю вызвать отказ в обслуживании

6.5 Medium

CVSS3